From 0934b6b023b46cd0e2e5fa55a23a054b2feeb618 Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Sun, 22 Oct 2017 19:02:53 +0200 Subject: Run the ProxyAutoDetect script in the sandbox again The previous change moved running the proxy detection program from the method to the main process, so it runs as root and not as _apt. This brings it back into the sandbox. Gbp-Dch: ignore --- apt-pkg/contrib/fileutl.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'apt-pkg/contrib/fileutl.h') diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h index 19b4ed49e..699b8b802 100644 --- a/apt-pkg/contrib/fileutl.h +++ b/apt-pkg/contrib/fileutl.h @@ -273,8 +273,10 @@ std::vector Glob(std::string const &pattern, int flags=0); * \param Mode is either FileFd::ReadOnly or FileFd::WriteOnly * \param CaptureStderr True if we should capture stderr in addition to stdout. * (default: True). + * \param Sandbox True if this should run sandboxed * \return true on success, false on failure with _error set */ +bool Popen(const char *Args[], FileFd &Fd, pid_t &Child, FileFd::OpenMode Mode, bool CaptureStderr, bool Sandbox) APT_HIDDEN; bool Popen(const char* Args[], FileFd &Fd, pid_t &Child, FileFd::OpenMode Mode, bool CaptureStderr); bool Popen(const char* Args[], FileFd &Fd, pid_t &Child, FileFd::OpenMode Mode); -- cgit v1.2.3